Enterprise Security WeeklySubscribe
Vulnerability Management, Security Staff Acquisition & Development, Identity, Cloud Security

ESW #271 – Rich Mogull & Andrew Hindle

Full Audio

View Show Index

Segments

1. The Turbulent Cloud Security Market – Rich Mogull – ESW #271

Cloud security is confusing enough these days, but a complex product landscape doesn’t make it any easier. In this segment we’ll talk about what’s driving this, how to make sense of it, and where to find things that actually help.

Announcements

  • Security Weekly listeners, save $100 on your RSA Conference 2022 Full Conference Pass! RSA Conference will be live in San Francisco June 6th-9th, 2022. Security Weekly will be there in full force, delivering real-time, live coverage and interviewing some of the event’s top speakers and sponsors. To register using our discount code, please visit https://securityweekly.com/rsac2022 and use the code 52UCYBER. We hope to see you there!

Guest

SVP Cloud Security at FireMon

With twenty years of experience in information security, physical security, and risk management, Rich is one of the foremost experts on cloud security, having driven development of the Cloud Security Alliance’s V4 Guidance and the associated CCSK training curriculum.

Hosts

Principal Researcher at The Defenders Initiative
Product Security Research and Analysis Director at Finite State
VP Traceable.ai, Cyber Angel Investor and Advisor at 90 Degree Ventures

2. Digital Identity: The Cornerstone of Our Digital World – Andrew Hindle – ESW #271

Digital identity is key to modern security architectures; enables privacy-preserving, trusted services; and drives customer-oriented experiences. Key trends like passwordless, verified credentials, and personal identity will have a profound effect on enterprise security. Discover how you can make the most of these evolutions, and learn how you can support the industry and its professionals.

Announcements

  • We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!

Guest

Identiverse

Andrew Hindle is an independent consultant specialising in digital identity, privacy and cyber security. He has served as the Identiverse Content Chair for eight years. He is the Board Chair of IDPro, of which he is also a founding member; he participates as a voting member of the User Managed Access Working Group at Kantara; and he is an active member of the Open Identity Foundation (OIDF).

Andrew has over 20 years’ experience in the software industry in a range of technical sales, pre-sales, product marketing and business development roles. He holds an IDPro CIDPRO, maintains CIPP/E, CIPM and CIPT privacy certifications with the IAPP, and has a BA in Oriental Studies (Japanese) from Oxford University.

Outside of the world of identity, Andrew is a trustee with his local and county scouting groups, rides regularly with a local road cycling group, and plays keyboard, guitar and bassoon (not at the same time!) with more enthusiasm than skill, and for an audience of one. Andrew is based in the UK and can also be found on twitter (@andrewhindle) and LinkedIn (linkedin.com/in/ahindle).

Hosts

Principal Researcher at The Defenders Initiative
Product Security Research and Analysis Director at Finite State
VP Traceable.ai, Cyber Angel Investor and Advisor at 90 Degree Ventures

3. Austin Peay State, Basis Theory, Authtech, Hivemapper Dashcam, & Devo Autonomous SOC – ESW #271

This week in the Enterprise News: Basis Theory raises $17 million funding round, Crunchbase Funding Round Profile, Devo Acquires AI-Powered Security Automation Innovator to Deliver the “Autonomous SOC”, Hivemapper Dashcam, Authtech, Twitter accepts Elon Musk’s $44 billion offer, Austin Peay State University on Twitter, Basis Theory raises $17 million funding round, & more!

Announcements

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Hosts

Principal Researcher at The Defenders Initiative
  1. 1. FUNDING: SonarSource raises $412M to scan codebases for bugs – TechCrunch
    $412M Series ? co-led by Advent International and General Catalyst. Hugely confused at first, I eventually worked out that SonarQube and SonarSource are one and the same. The confusion comes from the fact that sonarsource.com is the commercial entity, with TOTALLY DIFFERENT BRANDING from Sonarqube.org, which is devoted to the FOSS side of the products. Both backed by the Swiss-based SonarSource S.A. Fundamentally a shift left AppSec product, focused on discovering issues in code before they get to production (whether through automated CI/CD pipeline testing, or an IDE plugin that shouts at devs in real time when they mess things up.
  2. 2. FUNDING: ARMO raises $30M for the first open-source Kubernetes security platform
  3. 3. FUNDING: Cybersecurity startup WiJungle raises seed funding of $22 million
  4. 4. FUNDING: Basis Theory raises $17 million funding round
  5. 5. FUNDING: Dassana Emerges From Stealth With $5M in Funding to Bring Cloud-Like Thinking to Logs
  6. 6. FUNDING: Privy Closes $4M in Series A funding to Accelerate Growth
  7. 7. GROWTH: How Privy hit $11.4M in Revenue with 19K Customers in 2022.
  8. 8. FUNDING: Venture Round – SpiderOak – 2022-04-14 – Crunchbase Funding Round Profile
  9. 9. ACQUISITIONS: Tenable Agrees to Acquire Bit Discovery
  10. 10. ACQUISITIONS: Devo Acquires AI-Powered Security Automation Innovator to Deliver the “Autonomous SOC” – Devo.com
    Devo acquires Kognos. Details of the deal appear to be private. Isn't an autonomous SOC, by definition, NOT a SOC?
  11. 11. ACQUISITIONS: Sophos Acquires SOC.OS for More MDR, XDR Security Automation – MSSP Alert
    Now Thoma Bravo-backed, private Sophos is making some acquisitions. Sophos was taken private by Thoma in 2020 for $3.9B. This is the fourth acquisition since the take-private and Sophos's 17th overall. Sophos went on a tear last summer, picking up Refactr (devops-focused SOAR), Braintrace (services), and Capsule8 (Linux attack prevention). SOC.OS is a SOCaaS provider, which makes sense, given Sophos's mid-market focus.
  12. 12. TRENDS: Hivemapper Dashcam – Hivemapper Network
    Paying drivers to help create a competitor to commercial mapping services. What will be next in the defi world?
  13. 13. REPORTS: Thinkst Applied Research – Thinkstscapes
    The latest version of Thinkst's roll-up of goings on for the previous 6 months is available and free (not even any form to fill out).
  14. 14. NEW PRODUCTS: Authtech
    Using flashing lights to authenticate? The concept isn't new - the Timex Datalink series of watches were PDAs for your wrist in the 90's. They flashed lights on the screen of your PC to transfer data to the watch.
  15. 15. NEW PRODUCTS: SecurityScorecard Launches Cyber Risk Quantification Portfolio
  16. 16. NEW PRODUCTS: Mindpass – Password Manager
    Log into your password vault by picking out three random objects in 3D scenes. But why, when you could just use your fingerprint to log in???
  17. 17. SQUIRREL: Twitter accepts Elon Musk’s $44 billion offer – TechCrunch
  18. 18. SQUIRREL: Austin Peay State University on Twitter
    We probably shouldn't be laughing, but the comments in this thread are hilarious.
Product Security Research and Analysis Director at Finite State
VP Traceable.ai, Cyber Angel Investor and Advisor at 90 Degree Ventures

Related

You can skip this ad in 5 seconds